General
Target: d949ea4466b8a6048f1e1ba10f5720e5c03b6cf4b1e31a818900686f46e63e8e
Size: 1.0MB
Sample: 220525-cqrklsbgan
MD5: 3d7bbed806431547e76b7392436fee11
SHA1: c86e1f65d24252dbdf70db763349933d456242c1
SHA256: d949ea4466b8a6048f1e1ba10f5720e5c03b6cf4b1e31a818900686f46e63e8e
SHA512: e874f1c1714356b23509a76d221274f2e73178a6fb49ccc9301fa985984053293e877ce7e8ec4a1c2b3a096cba9a5b9b9daab015e80681d632d19b68f6b5aa47
Static task: static1
Behavioral task: behavioral1
Sample: d949ea4466b8a6048f1e1ba10f5720e5c03b6cf4b1e31a818900686f46e63e8e.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: d949ea4466b8a6048f1e1ba10f5720e5c03b6cf4b1e31a818900686f46e63e8e.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
njrat
0.7d
NYAN CAT
dongreg202020.kozow.com:8874
45812126d8ab49289ee6c31f7bc59730
reg_key: 45812126d8ab49289ee6c31f7bc59730
splitter: |'|'|
Targets
Target: d949ea4466b8a6048f1e1ba10f5720e5c03b6cf4b1e31a818900686f46e63e8e
Score: 10/10
Adds Run key to start application
Suspicious use of SetThreadContext